[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Sks-devel] sks behind lighttpd reverse proxy

From: Simon Lange
Subject: Re: [Sks-devel] sks behind lighttpd reverse proxy
Date: Mon, 02 Dec 2013 11:58:41 +0100
User-agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:24.0) Gecko/20100101 Thunderbird/24.1.1

Hi Roman.

Am 02.12.2013 10:15, schrieb Roman Pavlik:
I did the same configuration just two day ago and it works like a charm. But the proxy module of lighttd was used. You can do it by this way:

  • in modules.conf uncomment line, where proxy-modul configuration is loaded:
include "conf.d/proxy.conf"
  • open conf.d/proxy.conf and write your configuration:
# for IPv4
$SERVER["socket"] == "" {
    proxy.server = ( "" => ( ( "host" => "", "port" => 11371 )))
    setenv.add-response-header = ( "Via" => "1.1 (lighttpd)" )
    accesslog.filename = "/var/log/lighttpd" # logging disabled; you can specify the log file here if you like
  • comment out your redirect configuration, describe in your mail
  • restart lighttpd

Hope, this help.

Thanks but it WONT help. Seems you didnt read my mail, because you just suggested EXACTLY the configuration i am using! And as i also wrote: No, it does NOT work anymore for gpg which is a major fail, since thats why we run the servers.

Roman Pavlik

best regards


Simon Lange píše v Po 02. 12. 2013 v 09:08 +0100:
Hi all,

sks running fine.


if u put it behind a lighttpd reverse proxy for ports 11370 and 11371 it
wont work anymore.
11370 (recon) isnt operational anymore. communication is broken.
connection establishes but the communication itself does not work. sks
and company do not understand eachother anymore if a lighttpd reverse
proxy is between them.
11371 almost same. gpg client does not work anymore. a keysearch with
gpg wont find ANYTHING anymore as long the lighttpd reverse proxy is
between. only via browser (firefox, chrome, IE, ...) it works. same for
443 reverseproxy to 11371.
sks without any reverse proxy for ports 11370 and 11371 works perfectly.
gpg finds everything again and recon runs as it always did.

for me it seems just proxying the connection through lighttpd seems not
be enough for gpg or sks(recon). so what is it that gpg/sks got a
problem with?
the lighttpd reverse proxy is correctly configured. every connection to
that ports is proxied to the daemon running on

any ideas?

some information:
sks 1.1.4
lighttpd 1.4.30
you can see the recon gap on dec 1st 2013. this happened when the recon
port was behind reverse proxy.
11371 is currently behind reverseproxy. its reachable also via :80 and
:443 with hostname

configuration snippet (lighttpd):
server.reject-expect-100-with-417 = "disable"
$SERVER["socket"] == "" {             = ""
        accesslog.filename      =
        proxy.server = ( "" => (( "host" => "", "port" => 11371
) ) )
        setenv.add-response-header = ( "Via" => "1.1 (lighttpd)" )

#same configuration i tried for 11370 (ofcourse with changed ports).

any help is welcome



Sks-devel mailing list

Simon Lange Consulting  - Gaudystr. 6  - DE-10437 Berlin
Telefon: +49(0)30/89757206 Mobil: +49(0)151/22640160

reply via email to

[Prev in Thread] Current Thread [Next in Thread]